Security concern
Joseph S D Yao
jsdy at cospo.osis.gov
Thu May 17 22:54:34 UTC 2001
On Fri, May 18, 2001 at 12:35:11AM +0200, Lordy wrote:
...
> For security reasons you should think about putting something like
> this into your BIND configuration file:
>
> options {
> version { "GO AWAY !" };
> };
>
> After this users will not be able to find out which version of BIND you
> are running.
First off, ancient versions of BIND, such as the eminently bugged
4.9.3-BETA26, did not have this option: they didn't even have a
named.conf file!!!!
Second off, this is NOT the appropriate action. You might as well go
hide your head in the sand. He should, instead, upgrade to 8.2.4 or,
even better if appropriate, 9.1.2.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
OSIS Center Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list